Api workshop
0 likes667 views
The document discusses how to build APIs to control hardware using Electric Imp agents. It covers: 1) Using HTTP handlers to handle incoming requests and send responses; 2) Parsing request data like the method, path, headers and body; 3) Building APIs to get and set hardware states by sending messages from the agent to the device; 4) Storing current device states in the agent and returning them via API responses.
Api workshop
- 1. APIs for your Hardware Electric Imp Matt Haines Community Manager @beardedinventor
- 2. What are we doing tonight ● HTTP Handler Deep Dive ● APIs that change hardware states ● APIs that read hardware states
- 3. The Circuit
- 4. HTTP Handlers ● The HTTP Handler is the code that executes when your agent receives an incoming http request ● Register your handler with: http.onrequest(HTTPHandler) ● http://electricimp.com/docs/api/httphandler/
- 5. Basic Handler function HTTPHandler(req, resp) { // ALWAYS WRAP YOUR HANDLERS IN A TRY/CATCH try { // "200: OK" is standard return message resp.send(200, "OK"); } catch (ex) { // Send 500 response if error occured resp.send(500, format("Agent Error: %s", ex)); } }
- 6. The Request table method - The method (GET, PUT, POST, etc) path - The HTTP path minus the agentURL query - Table containing the query parameters body - The body of the request headers - Table containing the request headers
- 7. Let’s make an API function HTTPHandler(req, resp) { try { // "200: OK" is standard return message logRequest(req); resp.send(200, "OK"); } catch (ex) { // Send 500 response if error occured resp.send(500, format("Agent Error: %s", ex)); } }
- 8. function logRequest(req) { server.log(format("Method: %s", req.method)); server.log(format("Path: %s", req.path)); server.log(format("Body: %s", req.body)); server.log("Query Parameters:"); foreach(k,v in req.query) { server.log(format("%s: %s", k, v)); } server.log("Headers:"); foreach(k,v in req.headers) { server.log(format("%s: %s", k, v)); } }
- 9. Let’s make some requests // basic request curl "agenturl" // set the method curl -X POST "agenturl" // set a path and some query parameters curl -X POST "agenturl/api?led1=1&led2=test" // set a header curl -X PUT -H "apikey:123" "agenturl" // send some data in the body curl -X PUT -H "apikey:123" "agenturl" --data "{ "foo": "bar" }"
- 10. So what.. ● Use this information to build powerful APIs: ○ ○ ○ ○ path - what resource we’re interacting with method - what we’re doing with the resource body/query - data we need headers - authentication, etc ● Example: // Get the state of the LED curl -X GET "agenturl/led" // Set the state of the LED curl -X GET -H "apikey: 123" "agenturl/led" --data "{ "state": 1 }”
- 11. APIs to Set Hardware ● When we get a request ○ ○ ○ ○ ○ Check the verb Check the path Validate the data Send the data to the device Send a response ● When the device gets a message ○ Do something with it
- 12. Simple Device Code // configure hardware led <- hardware.pin9; led.configure(DIGITAL_OUT); // set LED from server agent.on("setLed", function(state) { led.write(state); });
- 13. Let’s make an API // here's the important bit local path = req.path.tolower(); if (req.method == "POST") { if (path == "/led" || path == "/led/") { if (req.body != null && req.body.len() > 0) { local data = http.jsondecode(req.body); if ("state" in data) { device.send("setLed", data.state. tointeger()); resp.send(200, "OK"); } } resp.send(406, "Not Acceptable - Missing 'state'"); } }
- 14. Let's make some requests // wrong url curl -X POST "agenturl" // proper url, but no data curl -X POST "agenturl/led" // proper url, and proper data curl -X POST "agenturl/led" --data "{ "state": 0 }"
- 15. What about reading data ● Two ways to query data from the device: ○ Send data from device to agent whenever state changes (or at regular intervals) ○ Make a round trip from agent → device → agent ● First method is easy, and fast, but no guarantee data is up to date ● Second method requires a LOT more code, and adds some time (as we need to make a round trip to the device)
- 16. Sending Data to the Device // configure hardware led <- hardware.pin9; led.configure(DIGITAL_OUT); function setLed(state) { led.write(state); agent.send("ledState", state); } agent.on("setLed", setLed); button <- hardware.pin1; function buttonStateChange() { setLed(1-led.read()); // invert state } button.configure(DIGITAL_IN_PULLUP, buttonStateChange);
- 17. Catch and Store Message in Agent ledState <- "Unknown"; agent.on("ledState", function(state) { ledState = state; }
- 18. Let's make an API // here's the important bit if (req.method == "GET") { if (path == "/led" || path == "/led/") { resp.send(200, http.jsonencode({state = ledState})); } }
- 19. Let's make some requests // wrong url curl -X GET "agenturl" // proper url curl -X GET "agenturl/led"
- 20. What about security ● All communication is HTTPS ● Agent URLs can't be crawled ● There are 6412 so guessing them is.. hard ● ● ● ● Security by obscurity API Keys Basic Auth HMAC-SHA Signatures
- 21. What's Next ● Write webpages or apps to interact with API ● Try implementing some of the auth methods ● Class to handle/delegate incoming requests ● Long polling ● Serve HTML pages from HTTP Handler